The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to patch their systems against a five-year-old GitLab vulnerability that is actively being exploited in ...

The results of our soon-to-be-published Advanced Cloud Firewall (ACFW) test are hard to ignore. Some vendors are failing badly at the basics like SQL injection, command injection, Server-Side Request ...

Update Chainlit to the latest version ASAP Two "easy-to-exploit" vulnerabilities in the popular open-source AI framework Chainlit put major enterprises' cloud environments at risk of leaking data or ...

The most popular trusted model context protocol (MCP) servers on the Web today contain severe cybersecurity vulnerabilities. The Internet of AI forming all around us is growing larger and more ...

January 2026 was a wake-up month for enterprise security teams. In a single week, CERT-In released three high-severity advisories exposing critical flaws across SAP, Microsoft, and Atlassian, the very ...

About 175,000 private servers are reportedly exposed to the public internet, giving hackers the opportunity to carry out ...

DryRun Security, the industry’s first AI-native, code security intelligence company, today announced the DeepScan Agent, a new AI-powered capability that delivers full-repository application security ...

A critical-severity SolarWinds Web Help Desk vulnerability has been added to the Known Exploited Vulnerabilities (KEV) ...

CISA adds an actively exploited SolarWinds Web Help Desk RCE flaw to KEV, ordering federal agencies to patch by February 2026 ...